The personal information of 12,578 may have been exposed due to a cybersecurity incident resulting in Sinai Health System being breached.
On October 16, 2019 an unknown party had gained unauthorized access to two employee emails accounts via a phishing attack.
In an official statement, the Chicago healthcare provider stated that following an investigation, no evidence was found of any patient information being removed from the email accounts of systems.
“Sinai is not aware of any misuse of any patient’s information and has seen no indication that any patient’s information is in the hands of someone it should not be as a result of this incident,” read the statement.
Patient data stored within the email accounts may have been exposed, including names, addresses, dates of birth, Social Security numbers, health information or health insurance information.
Sinai Health Systems have since taken steps to ensure the security of patient information, including resetting employee email passwords, enhancing email filtering protocols and conducting employee training.
“Sinai has also reviewed and revised its information security policies and procedures, including email retention procedures. Additionally, Sinai is increasing the security of its email systems and network with the assistance of security experts.”
The Office for Civil Rights were notified about the breach on December 13, and have launched its own investigation into the breach.
“Sinai Health System sincerely regrets any inconvenience that this incident may cause patients and remains dedicated to protecting patients’ personal and health information.”
The post #Privacy: Sinai Health System notifies over 12K patients about security incident appeared first on PrivSec Report.